Incorrect Nginx Logging Configuration on MAAS Snap
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
MAAS |
Invalid
|
Medium
|
Unassigned |
Bug Description
Hello,
Noting that the "nginx.log" file on my region and rack controllers is logging complaints about a non-existent error.log location:
---
root # tail -n1 /var/snap/
nginx: [alert] could not open error log file: open() "/var/log/
---
Indeed, this appears to be configured as such for both the error and access logs:
---
root # grep _log /snap/maas/
access_log /var/log/
error_log /var/log/
---
If one attempts to create this directory and those files, Apparmor then swings in and denies access, as it probably should:
---
Mar 28 15:41:50 host kernel: [ 246.253806] audit: type=1400 audit(168001811
---
Propose that these log locations be changed to something like:
---
access_log /var/snap/
error_log /var/snap/
---
Thank you for your time!
Current MAAS Version:
root # snap list maas
Name Version Rev Tracking Publisher Notes
maas 3.3.1-13169-
Changed in maas: | |
status: | New → Triaged |
importance: | Undecided → Medium |
milestone: | none → 3.3.x |
Changed in maas: | |
milestone: | 3.3.x → 3.3.5 |
Hello,
Here is my two cents theory as I am facing same behavior:
- Changing error_log path in nginx.conf doesn't seem to clear the error log (could not open error log file: open() "/var/log/ nginx/error. log") and I suspect it is caused by nginx behavior to check for /var/log/ nginx/error. log file by default.
There has been some tickets about it on nginx repo. A new nginx argument (-e) to override error_log path. See https:/ /trac.nginx. org/nginx/ ticket/ 147 since nginx 1.19.5. But as far as I understand, we are using version 1.18.